Moto g24 bootloader unlock ideas

[shomykohai]

While I was awaiting for the g23 script to be tried, I Decompiled the g24 lk binary.

Funnily enough, it doesn't even require a key to unlock the bootloader, there's just this check for secure boot.

Basically, if this check wasn't in place, it could be unlocked as easily as a Google pixel (apart from the 7 days connection it needs for not graying out oem unlock).

The only way to bypass this is making an exploit for disabling secure boot or try flashing seccfg through mtkclient.

We know g24 DA has some kind of access to seccfg thanks to the release notes present.

I'd need for someone to extract the spft from RSA first to confirm (I downloaded the one I used from the firmware archive) and also confirm this method to bypass DA SLA https://github.com/orgs/moto-penangf/discussions/16#discussioncomment-12017551

WHAT WE TRIED:

• Writing to seccfg with mtkclient ☑️ (Bypass DA SLA #2)

[shomykohai]

I think for this @R0rt1z2 can help us better finding an exploit.

I verified that g24 lk doesn't require any key to unlock, but it checks for Secure Boot it seems. This is something that has to be studied with mtkclient, logs and decompilation, hoping that is possible to flash seccfg with mtkclient.

check_for_flag() seem to be reading from a global variable, so I assume it's reading for secure boot.

Right below the check for the key pressed, it only checks for the unlock perm in FRP (OEM Unlock in developer settings).

[shomykohai]

I mean mtk client partially does do something with the g24 but what else is really to try if it doesn’t need a key to unlock..

Hope for an exploit tbh.
Also, we don't know what partitions we have access to with mtkclient

We'll need to write some documentation after we conclude stuff for g23, like TWRP.

At least, g24 doesn't require a key to unlock, which is slightly better because we wouldn't have to find out how to generate the key

But we would need to figure how to check for secure boot.

[Marcus-J-A]

Yea it is slightly better but making an exploit is kind of harder

[shomykohai]

Yea it is slightly better but making an exploit is kind of harder

I know, but from the experience we've got with g23, I'd say this is the only option.
I assume they disabled BROM and other stuff like with g23

[Marcus-J-A]

I suppose

[shomykohai]

I suppose

If only there weren't the secure boot check, we would only need to run "fastboot flashing unlock" and the phone would unlock, imagine how lazy they were to block it

[cxzstuff]

Empty and writable partitions of G24. (Didn't test writing the userdata.)

Partition	Address	Size	Empty	Writable
preloader	0x0	0x80000
pgpt	0x0	0x8000
misc	0x8000	0x80000
para	0x88000	0x80000
expdb	0x108000	0x1400000
frp	0x1508000	0x100000
vbmeta_a	0x1608000	0x800000
vbmeta_system_a	0x1e08000	0x800000		+
vbmeta_vendor_a	0x2608000	0x800000		+
vbmeta_b	0x2e08000	0x800000	+	+
vbmeta_system_b	0x3608000	0x800000	+	+
vbmeta_vendor_b	0x3e08000	0x800000	+	+
md_udc	0x4608000	0x169a000
metadata	0x5ca2000	0x2000000	+
nvcfg	0x7ca2000	0x2000000
nvdata	0x9ca2000	0x4000000
persist	0xdca2000	0x3000000
protect1	0x10ca2000	0x800000
protect2	0x114a2000	0xb5e000
seccfg	0x12000000	0x800000
md1img_a	0x12800000	0x8000000
spmfw_a	0x1a800000	0x100000
scp_a	0x1a900000	0x600000
sspm_a	0x1af00000	0x100000
gz_a	0x1b000000	0x1000000
lk_a	0x1c000000	0x200000
boot_a	0x1c200000	0x2000000
vendor_boot_a	0x1e200000	0x4000000		+
init_boot_a	0x22200000	0x800000	+
dtbo_a	0x22a00000	0x800000
tee_a	0x23200000	0x600000
sec1	0x23800000	0x200000	+
proinfo	0x23a00000	0x300000
efuse	0x23d00000	0x80000
boot_para	0x23d80000	0x1a00000
nvram	0x25780000	0x4000000
logo	0x29780000	0x880000
md1img_b	0x2a000000	0x8000000
spmfw_b	0x32000000	0x100000	+
scp_b	0x32100000	0x600000	+
sspm_b	0x32700000	0x100000	+
gz_b	0x32800000	0x1000000
lk_b	0x33800000	0x200000
boot_b	0x33a00000	0x2000000
vendor_boot_b	0x35a00000	0x4000000	+	+
init_boot_b	0x39a00000	0x800000	+
dtbo_b	0x3a200000	0x800000
tee_b	0x3aa00000	0x500000	+
oem_mfd	0x3af00000	0x100000
elabel	0x3b000000	0x1800000
super	0x3c800000	0x200000000
blackbox	0x23c800000	0x8000000
userdata	0x244800000	0xc0000000
mrdump	0xFFFF0258	0x1000000	+
otp	0xFFFF01d8	0x2b00000	+
flashinfo	0xFFFF0080	0x1000000
sgpt	0xFFFF0000	0x8000

[shomykohai]

Forgot to test preloader too... forbidden3.bin doesn't give much rights. While the other one fails to work at all... Full backup, nice, but useless if it cannot be written back...

I think you do not have access to Preloader via mtkclient, as on Moto G23

Tbf, that's a good thing, especially because to write preloader with mtkclient you need to specify the parttype, so at least we're sure we can avoid other people bricking the preloader with mtkclient 😅

[shomykohai]

Interesting enough, elabel here is not writable (with g23 is possible), and there's no proinfo partition?

[shomykohai]

I need to find out how to use the other DA file, maybe that one has access to more partitions or to other commands like in our case with PL_NO_CERT and MT6768_USER

[shomykohai]

I don't know where to look for the DA SLA signature though.. I was lucky enough to find the one in the SLA_CHALLENGE dll, but what about this one? 🤔

@cxzstuff could you try g24 spft with the other DA file (the one without dl_forbidden)? I know it can work in console mode if you format the command right

[shomykohai]

Interesting enough, elabel here is not writable (with g23 is possible), and there's no proinfo partition?

Edit: Nvm, I just saw the proinfo partition

[progzone122]

@cxzstuff Can you send the flash tool that downloads RSA?
Because lolinet may have the wrong one, like we had with penangf.

[shomykohai]

@cxzstuff Can you send the flash tool that downloads RSA?
Because lolinet may have the wrong one, like we had with penangf.

+1

Also, G24 has two flash tools on the firmware archive, that's weird

[cxzstuff]

Both came with RSA. That v9 is the current one. I have also v4. Only difference between them is added c++ dll files.
Wondering why they added that seccfg wipe. Maybe that forbidden2 had a hole in it? And wipe was a lazy way to fix.
Should find that TN_MTK_TSDC_FlashTool_V5.2316.10 to check that forbidden2 ...

Also weird are those blankflash packages at lolinet. From were they got them? RSA doesn't offer them at the moment. Downloads just fastboot package, like for G31, G41.

[cxzstuff]

lolinet may have the wrong one, like we had with penangf.

What's also weird in your current one that it isn't at their secured server https://rsddownload-secure.lenovo.com like rest of the stuff.
but at https://download.lenovo.com/lsa/Resource/Tools/Flash_Tool_V5.0.1_Penang.zip . So, maybe an older one for some reason...

[shomykohai]

"mrdump"

Maybe this might come handy, from the name I'd say that it dumps memory. If it turns out right, it will surely be useful if we need to craft an exploit.

I assume there's a fastboot command associated with it.

[shomykohai]

DA SLA keys for g24 got merged into mtkclient, now everyone can use it

[shomykohai]

We need to try to make the other DA file bypass SLA:

##### TN_MTK_TSDC_FlashTool_V5.2316.10.exe Version update content

Adjustment note:
	Brush with a new DA named DA_SWSEC_2316_p325a_dl_forbidden2.bin（Remove the misc partition）
	The tool is downloaded in Download only mode, and returns to the format misc data end after downloading, in order to solve 	the problem of starting from the same partition after AB upgrade

##### TN_MTK_TSDC_FlashTool_V5.2316.11.exe Version update content

Adjustment note:
	Brush with a new DA named DA_SWSEC_2316_p325a_dl_forbidden3.bin（Remove the misc and seccfg partition）
	The tool is downloaded in Download only mode, and returns to the format misc data end after downloading, in order to solve 	the problem of starting from the same partition after AB upgrade

I've found it in the flash tool. So the dl_forbidden has the seccfg blocked, and it worked beforehand.

[shomykohai]

@cxzstuff try adding this to the da_sla_keys:

    SlaKey(vendor="Generic",
           da_codes=[],
           name="SetRsaKey in libsla_challenge.so, secure_chip_tools/keys/toolauth/sla_prvk.pem V5",
           d=17927221772803595589677548665100382532460666845948522915567191138741093137994346758223790428815724337119399848617323634517831321838857002928203340809368584412532275387119052050346117829587547335823645786993417933752612674263704610122642616766124615147357260453258785716304089937180892099709020291991047354911782870897115280093452505641278117790282224075714432226317608734573868880945885289415362825737676921878537194428184324625476692278084544343444435636989350942762677823240040394539138366047050728975383606379913663863336393801544062712098911021002990407295958911986185315713867112814558339220670999677054756992713,
           # "8E02CDB389BBC52D5383EBB5949C895B0850E633CF7DD3B5F7B5B8911B0DDF2A80387B46FAF67D22BC2748978A0183B5B420BA579B6D847082EA0BD14AB21B6CCCA175C66586FCE93756C2F426C85D7DF07629A47236265D1963B8354CB229AFA2E560B7B3641DDB8A0A839ED8F39BA8C7CDB94104650E8C7790305E2FF6D18206F49B7290B1ADB7B4C523E10EBF53630D438EF49C877402EA3C1BD6DD903892FD662FBDF1DFF5D7B095712E58E728BD7F6A8B5621175F4C08EBD6143CDACD65D9284DFFECAB64F70FD63182E4981551522727A2EE9873D0DB78180C26553AD0EE1CAAA21BCEBC5A8C0B331FE7FD8710F905A7456AF675A04AF1118CE71E36C9",
           n=24768553458927569182264098384414119743435748352122448536260714781483609591751565373536682899405420594113926591732550627920208945701553102158862914443419182389461952820609704105060261920473892479137225127905294215755138122340474523740015372088152395971589602157167092642340489980247161917120903612864283134792211128271400444531978419218384701537034538417051660863427537718871156919447450593998355621418942546492747019880888003141225040123766139214470940969962244251360705865766394055854812601692583755861695306804617391695946006993172614987479125081044934005567736503206356076476324144050995732879986002921180459717263,
           # "C43469A95B143CDC63CE318FE32BAD35B9554A136244FA74D13947425A32949EE6DC808CDEBF4121687A570B83C51E657303C925EC280B420C757E5A63AD3EC6980AAD5B6CA6D1BBDC50DB793D2FDDC0D0361C06163CFF9757C07F96559A2186322F7ABF1FFC7765F396673A48A4E8E3296427BC5510D0F97F54E5CA1BD7A93ADE3F6A625056426BDFE77B3B502C68A18F08B470DA23B0A2FAE13B8D4DB3746255371F43306582C74794D1491E97FDE504F0B1ECAC9DDEF282D674B817B7FFA8522672CF6281790910378FEBFA7DC6C2B0AF9DA03A58509D60AA1AD6F9BFDC84537CD0959B8735FE0BB9B471104B458A38DF846366926993097222F90628528F",
           e="010001"),   

I've copied it from the brom_sla_keys, but I can find this in g24 firmware too. Try using it for bypassing DA_SWSEC_2316_p325a.bin

[shomykohai]

It doesn't work.

I'm thinking that for the other DA they use Online SLA. We know for sure that g24 version of spft is a login one, so probably that DA file is less forbidding.

Can someone try to get network requests from the flash tool when it is performing DA SLA?

[shomykohai]

@cxzstuff can you try setting the "EnableLog" to true, and then use the console mode of the spft, and finally see if you get a log file here: C:\ProgramData\SP_FT_Logs

[progzone122]

Interesting. Proinfo and Metadata are loaded before lk, by preloader.

I'll take a look at what I can find this week.

Thanks for the logs. If you people can gather me some network traffic from RSA and spft as I said before, it will surely be helpful.

@progzone122 I think there might be some way to do something with either proinfo or Metadata, what do you think? But starting from scratch, we need to make the documentation first with everything we've gathered so far. Did you already make the subdomain?

I tried to exploit proinfo for my own purposes on penangf and did not succeed

[progzone122]

Did you already make the subdomain?

That's not a problem, I can do CNAME at any time

[Marcus-J-A]

What subdomain lol

[progzone122]

What subdomain lol

We're going to write documentation, right? We have subdomains for each device.

https://www.fuckyoumoto.xyz/

[shomykohai]

I tried to exploit proinfo for my own purposes on penangf and did not succeed

I tried too on g23, but even if at the end is mtk bootloader, they still can have different implementation (for example the fact g24 has an efuse partition which gets used by lk apparently).

I'll try to see the dump of g24 @cxzstuff sent a while ago later, and see how proinfo differs from our

[shomykohai]

@progzone122 I want to try something with g24: if we dump the seccfg partition with mtkclient, we can try then flashing it with fastboot.

I'm not sure if it'll work (probably not), but if it's the same file (thus same signature), what's stopping it from being flashed?

Before asking the others to try this I want your opinion though. I know that messing with seccfg can result in a brick (I don't know if it's hardbrick or softbrick), so surely we might need to first understand how to parse it correctly.

[shomykohai]

Surely, I'd try doing this with safer partitions like vbmeta

[shomykohai]

Something to try is dumping vbmeta with mtkclient and use diff to find out if they're equal or not.

If not, then we need to make mtkclient dump them correctly for sure

[cxzstuff]

seccfg, it probably can be wiped if problems. If one still has access to device, that is....

[shomykohai]

seccfg, it probably can be wiped if problems. If one still has access to device, that is....

I won't risk seccfg right away tho, I remember seeing some error messages in g23 preloader complaining about not finding seccfg, and we don't have a verified one which we could flash back (basically a softbrick but unrecoverable).

I want to be sure first, that's why trying vbmeta is safer

[shomykohai]

Anyway, g24 has mtk bootloader

They just skinned it.

The code is all the same, but at least they made it look cooler. (I wonder if we could skin g23 one)

I'll check tomorrow, but I'm sure I'll find the same vulnerable memcpy function as g23, that doesn't check for destination size.

@R0rt1z2 (sorry for always pinging you), generally what would having a vulnerable memcpy function mean when dealing with phones? Do you think this can be used to cause a buffer overflow? 🤔

[shomykohai]

I need someone to try all the functions in mtkclient: peek, poke, da efuse etc...

If we have access to memwrite (I highly doubt it, but who knows), the phone would hey unlocked 100% because we could bypass secure boot measures for sure

[shomykohai]

signinfo+hash_list_unsigned.zip

Also G22 hawaiip has this tinno stuff... and also some interesting flash tools...
developer versions... no login in G24 console version, but I'll bet those ones has...

Then I might take a look at g22 soft later!

So basically, we were lucky by having bad firmware after all

[cxzstuff]

t I'll bet those ones have...

balboa didn't work ...

[shomykohai]

How did you get that dialog window?
And the rom name too.

As for the username and password I think we might only have luck analyzing network traffic

[cxzstuff]

How did you get that dialog window? And the rom name too.

As for the username and password I think we might only have luck analyzing network traffic

It's one of those G22 dev tools... gave those options as default...

[shomykohai]

How did you get that dialog window? And the rom name too.

As for the username and password I think we might only have luck analyzing network traffic

It's one of those G22 dev tools... gave those options as default...

We need to investigate this further imo, and find what the rom name for g24 is too

[shomykohai]

It seems that from g24 and further, moto decided to give to this "Tinno" company the handling of spft, lamu (g15) has the same stuff and keys as g24

[shomykohai]

@progzone122 @cxzstuff
G15 (lamu) has the same lk of g24.
If we unlock g24, we unlock other moto phones too.

This is not even moto bootloader, this is "Tinno" bootloader

$ strings lk.img | grep "tinno"
tinno_carrier_update
tinno_carrier_otp_flag_update
tinno_carrier_otp_record_update
tinno_sku_and_carrier_match
tinno_carrier_init
tinno_add_cmdline
tinno_add_bootconfig
tinno_wallpaper_update
tinno_wallpaper_init
tinno_ddr_get_vendor
tinno_ddr_get_type
tinno_ddr_get_size
tinno_dfmode_init
tinno_dualsim_update
tinno_siminfo_init
tinno_facmode_update
tinno_facmode_init
tinno_fastboot_ui
tinno_fastboot
tinno_hwid_map
tinno_gpios_read
tinno_main_init
tinno_mfd_init
tinno_partition_read
tinno_flash_get_vendor
tinno_flash_get_size
tinno_flash_get_type
tinno_partition_write
tinno_flash_info_init
tinno_proinfo_battery_sn
tinno_proinfo_imei
tinno_proinfo_init
tinno_proinfo_update
tinno_proinfo_carrier
tinno_commercial_device_force_lock
tinno_check_payjoy_flag
tinno_fastboot_auth
tinno_efuse_enable
%s tinno_rsa_verify is failed %s
tinno_rsa_verify
tinno_fdr_update
tinno_zerotouch_update
tinno_enterprise_init
tinno_swinfo_fingerprint
tinno_swinfo_service_build_sn_verify
tinno_swinfo_init
tinno_swinfo_builddate

[shomykohai]

They seem to write the secure boot efuse to the efuse partition. I think it acts like a sort of backup of enabled fuses

[shomykohai]

This.. will be hard, but it will allow to unlock basically any other phone with this kind of bootloader i think (so g15 too for example)

Though, we will need an exploit 100%, either BROM (impossible) or something else. There's no way to just unlock the bootloader because of efuses (it's funny because probably this doesn't even come from moto, but this Tinno company. They really needed someone else to find a way to restrict bootloader unlock)

[shomykohai]

@progzone122 100% confirmed that g24 does not have BROM: hard bricked g24

[shomykohai]

Looks like they've done it on all Motorola devices after 2022....

At least on g23 they left JTAG points "more accessible" compared to what g24 needs, or at least from what I'm seeing. I guess we have ""easier repair""

They really fear people unlocking a bootloader and not actual problems like FRP bypass without even using a PC...

[progzone122]

Looks like they've done it on all Motorola devices after 2022....

At least on g23 they left JTAG points "more accessible" compared to what g24 needs, or at least from what I'm seeing. I guess we have ""easier repair""

They really fear people unlocking a bootloader and not actual problems like FRP bypass without even using a PC...

[cxzstuff]

@progzone122 100% confirmed that g24 does not have BROM: hard bricked g24

Similar.. no heat gun used but a can opener..
Moto g13 revivir dump
https://www.facebook.com/GameStarv1.2/videos/516861800985292/
https://www.youtube.com/shorts/eQAo5g29aN8

[progzone122]

@progzone122 100% confirmed that g24 does not have BROM: hard bricked g24

Similar.. no heat gun used but a can opener.. Moto g13 revivir dump https://www.facebook.com/GameStarv1.2/videos/516861800985292/ https://www.youtube.com/shorts/eQAo5g29aN8

yes, it's JTAG

[cxzstuff]

This might be useful for JTAG in the documentation!

Orig. source ?? IDK, but probably more so than that spanish forum that collects stuff here and there...
https://www.facebook.com/photo/?fbid=122183709584214702
There is some talk that with Android multitool one doesn't have to scrape, usb is enough. If I understood anything.